KR102056973B1 - 서비스 요청 인증 방법 및 장치 - Google Patents

서비스 요청 인증 방법 및 장치 Download PDF

Info

Publication number
KR102056973B1
KR102056973B1 KR1020177020348A KR20177020348A KR102056973B1 KR 102056973 B1 KR102056973 B1 KR 102056973B1 KR 1020177020348 A KR1020177020348 A KR 1020177020348A KR 20177020348 A KR20177020348 A KR 20177020348A KR 102056973 B1 KR102056973 B1 KR 102056973B1
Authority
KR
South Korea
Prior art keywords
service request
session
token
authentication
determining
Prior art date
Application number
KR1020177020348A
Other languages
English (en)
Korean (ko)
Other versions
KR20170108003A (ko
Inventor
샤오추안 장
Original Assignee
알리바바 그룹 홀딩 리미티드
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 알리바바 그룹 홀딩 리미티드 filed Critical 알리바바 그룹 홀딩 리미티드
Publication of KR20170108003A publication Critical patent/KR20170108003A/ko
Application granted granted Critical
Publication of KR102056973B1 publication Critical patent/KR102056973B1/ko

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/029Firewall traversal, e.g. tunnelling or, creating pinholes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/41User authentication where a single sign-on provides access to a plurality of computers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
KR1020177020348A 2015-01-28 2016-01-28 서비스 요청 인증 방법 및 장치 KR102056973B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN201510043786.XA CN105991514B (zh) 2015-01-28 2015-01-28 一种业务请求认证方法及装置
CN201510043786.X 2015-01-28
PCT/US2016/015354 WO2016123336A1 (en) 2015-01-28 2016-01-28 Service request authentication method and apparatus

Publications (2)

Publication Number Publication Date
KR20170108003A KR20170108003A (ko) 2017-09-26
KR102056973B1 true KR102056973B1 (ko) 2019-12-17

Family

ID=56434298

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020177020348A KR102056973B1 (ko) 2015-01-28 2016-01-28 서비스 요청 인증 방법 및 장치

Country Status (10)

Country Link
US (1) US10038685B2 (ja)
EP (1) EP3251285B1 (ja)
JP (1) JP6633636B2 (ja)
KR (1) KR102056973B1 (ja)
CN (1) CN105991514B (ja)
ES (1) ES2871028T3 (ja)
PL (1) PL3251285T3 (ja)
SG (1) SG11201705555YA (ja)
TW (1) TWI696089B (ja)
WO (1) WO2016123336A1 (ja)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110022279B (zh) * 2018-01-08 2021-11-26 普天信息技术有限公司 一种微服务系统中认证鉴权的方法和系统
CN110099031A (zh) * 2018-01-30 2019-08-06 普天信息技术有限公司 一种服务调用方法、装置及微服务平台
CN113132355A (zh) * 2018-10-29 2021-07-16 华为技术有限公司 服务授权方法及通信装置
CN111435932B (zh) * 2019-01-14 2021-10-01 华为技术有限公司 一种令牌处理方法及装置
CN110943934A (zh) * 2019-11-19 2020-03-31 上海钧正网络科技有限公司 服务请求处理方法、系统、终端及可读存储介质
CN111917714B (zh) * 2020-06-18 2022-11-11 云南电网有限责任公司信息中心 一种零信任架构系统及其使用方法
CN114866247B (zh) * 2022-04-18 2024-01-02 杭州海康威视数字技术股份有限公司 一种通信方法、装置、系统、终端及服务器
CN114745196B (zh) * 2022-04-27 2024-01-02 广域铭岛数字科技有限公司 接口测试方法、系统、电子设备及可读存储介质

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070192842A1 (en) * 2006-02-06 2007-08-16 Cisco Technology, Inc. Secure extended authentication bypass

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6226752B1 (en) * 1999-05-11 2001-05-01 Sun Microsystems, Inc. Method and apparatus for authenticating users
US7444407B2 (en) * 2000-06-29 2008-10-28 Transnexus, Inc. Intelligent end user devices for clearinghouse services in an internet telephony system
US7225464B2 (en) * 2002-04-03 2007-05-29 Yodlee.Com, Inc. Method for verifying the identity of a user for session authentication purposes during Web navigation
US7340525B1 (en) * 2003-01-24 2008-03-04 Oracle International Corporation Method and apparatus for single sign-on in a wireless environment
US8010783B1 (en) * 2004-04-15 2011-08-30 Aol Inc. Service provider invocation
US7735118B2 (en) * 2005-02-07 2010-06-08 Alcatel-Lucent Usa Inc. Method and apparatus for preventing bridging of secure networks and insecure networks
WO2008002081A1 (en) 2006-06-29 2008-01-03 Electronics And Telecommunications Research Institute Method and apparatus for authenticating device in multi domain home network environment
CN101351027A (zh) * 2007-07-19 2009-01-21 中国移动通信集团公司 业务鉴权处理方法及系统
CN101227415A (zh) 2008-02-04 2008-07-23 华为技术有限公司 多业务资源分配方法、系统、网关设备及认证服务器
US7941549B2 (en) * 2008-09-16 2011-05-10 Microsoft Corporation Protocol exchange and policy enforcement for a terminal server session
US8245030B2 (en) * 2008-12-19 2012-08-14 Nai-Yu Pai Method for authenticating online transactions using a browser
EP2355439A1 (en) 2010-02-02 2011-08-10 Swisscom AG Accessing restricted services
US8601266B2 (en) 2010-03-31 2013-12-03 Visa International Service Association Mutual mobile authentication using a key management center
CN102378170B (zh) * 2010-08-27 2014-12-10 中国移动通信有限公司 一种鉴权及业务调用方法、装置和系统
CN102572815B (zh) * 2010-12-29 2014-11-05 中国移动通信集团公司 一种对终端应用请求的处理方法、系统及装置
US9276929B2 (en) * 2013-03-15 2016-03-01 Salesforce.Com, Inc. Method and apparatus for multi-domain authentication
WO2013087984A1 (en) * 2011-12-12 2013-06-20 Nokia Corporation Method and apparatus for providing federated service accounts
JP5978759B2 (ja) 2012-05-21 2016-08-24 富士通株式会社 サービス要求装置、サービス提供システム、サービス要求方法およびサービス要求プログラム
GB2505211B (en) * 2012-08-22 2014-10-29 Vodafone Ip Licensing Ltd Communications device authentication
US9729514B2 (en) 2013-03-22 2017-08-08 Robert K Lemaster Method and system of a secure access gateway

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070192842A1 (en) * 2006-02-06 2007-08-16 Cisco Technology, Inc. Secure extended authentication bypass

Also Published As

Publication number Publication date
JP6633636B2 (ja) 2020-01-22
WO2016123336A1 (en) 2016-08-04
KR20170108003A (ko) 2017-09-26
US20160219030A1 (en) 2016-07-28
JP2018503901A (ja) 2018-02-08
US10038685B2 (en) 2018-07-31
PL3251285T3 (pl) 2021-08-02
ES2871028T3 (es) 2021-10-28
TW201627902A (zh) 2016-08-01
EP3251285B1 (en) 2021-04-07
EP3251285A4 (en) 2018-10-17
CN105991514B (zh) 2019-10-01
CN105991514A (zh) 2016-10-05
TWI696089B (zh) 2020-06-11
SG11201705555YA (en) 2017-08-30
EP3251285A1 (en) 2017-12-06

Similar Documents

Publication Publication Date Title
KR102056973B1 (ko) 서비스 요청 인증 방법 및 장치
JP6749409B2 (ja) ウェブサイトログイン方法及び装置
CN110784433B (zh) 一种用户访问处理方法、装置及设备
US10460309B2 (en) Payment verification method, apparatus and system
KR102193406B1 (ko) 사용자 신원을 식별하는 방법 및 장치
CN106779716B (zh) 基于区块链账户地址的认证方法、装置及系统
CN105592011B (zh) 一种账号登录方法及装置
KR102315794B1 (ko) 계정에 연결하고 서비스 프로세스를 제공하기 위한 방법 및 디바이스
EP3933624B1 (en) Blockchain-based identity verification method and related hardware
CN107231335B (zh) 一种业务处理方法及装置
CN104113551A (zh) 一种平台授权方法、平台服务端及应用客户端和系统
CN114616795B (zh) 用于防止重试或重放攻击的安全机制
CN107682336B (zh) 一种基于地理位置的身份验证方法及装置
AU2021200130A1 (en) Resource allocation method and device, and electronic payment method
CN109308416B (zh) 业务服务数据处理方法、装置、系统、存储介质和设备
CN110599311A (zh) 资源处理方法、装置、电子设备及存储介质
US20140298443A1 (en) System and method of extending a host website
US10158643B2 (en) Token-based routing for in-network authorization
US20150101059A1 (en) Application License Verification
CN114553480A (zh) 跨域单点登录方法及装置
CN111683092B (zh) 一种工作流提交方法、装置、设备和存储介质

Legal Events

Date Code Title Description
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant